Active defense method of network system based on vulnerability correlation analysis

A network system and active defense technology, applied in the field of information security, can solve problems such as inaccurate vulnerability classification results, network explosion, and limiting the practicability of attack graph generation tools

Inactive Publication Date: 2017-09-22
BEIJING INSTITUTE OF TECHNOLOGY

AI Technical Summary

Problems solved by technology

In the process of generating the attack graph, the change in the attacker's own privileges caused by exploiting a given vulnerability should be reflected in the attack path. With privilege change as the premise, there are problems such as excessive system space consumption and network explosion. In research on attribute-based attack graph generation, there are also problems such as the need to manually mark the relationships before and after a vulnerability, or inaccurate vulnerability classification results. These make the algorithm implementation more complex or the generated results inaccurate, which limits the practicability of various attack graph generation tools.


Examples


Embodiment Construction

[0070] The technical solutions of the present invention will be described in detail below in conjunction with the accompanying drawings and embodiments.

[0071] The network topology in this embodiment is shown in Figure 1. In this network system, the firewall separates the LAN from malicious visitors, and the web server Server1, the database server Server2, and the hosts host1, host2 and host3 are connected through a switch and can share information in a certain way.

[0072] The method proposed by the present invention is used to build an active defense strategy for the network system. Its operation process is shown in Figure 2, specifically:

[0073] Step 1. Build a vulnerability database and collect vulnerability records.

[0074] The National Vulnerability Database (NVD) is selected as the data source for building the vulnerability database.

[0075] The vulnerability database includes: Common Vulnerabilities and Exposures (...


Abstract

The purpose of the invention is to provide an active defense method for a network system based on vulnerability correlation analysis. The method comprises the following steps: step 1, constructing a vulnerability database and collecting vulnerability records; step 2, describing the related concepts of network attack; step 3, mining attack paths; step 4, determining the risk grade of each host in the network system; step 5, determining the optimal attack path; and step 6, calculating the vulnerability repair urgency level. Compared with existing methods, the method has the following advantages: (1) the attack path mining algorithm incorporates research on vulnerability correlation based on privilege escalation; and (2) a dynamic calculation method for the vulnerability repair urgency level is provided, which can guide a network administrator in arranging the order of vulnerability repair reasonably, realizing the purpose of active defense.
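The following is an added illustration of steps 3 and 6 of the abstract; it is not the patent's algorithm, whose details are not shown on this page. It mines attack paths by chaining vulnerabilities through the privilege each one requires and grants, then ranks vulnerabilities for repair by how many minimal paths depend on them. The host names come from the embodiment; the vulnerability ids, reachability map, three-level privilege scale and counting metric are assumptions.

```python
from collections import Counter

PRIV = {"none": 0, "user": 1, "root": 2}  # assumed three-level scale

# Constructed reachability (source -> hosts it can connect to); the firewall
# is assumed to expose only the web server Server1 to the outside.
REACH = {"internet": {"Server1"}, "Server1": {"Server2", "host1"},
         "host1": {"Server2"}}

# Constructed records with placeholder ids: (id, host, kind, need, gain).
# remote: 'need' is held on a host that can reach 'host'; local: on 'host'.
VULNS = [
    ("VULN-1", "Server1", "remote", "user", "user"),
    ("VULN-2", "Server1", "local", "user", "root"),
    ("VULN-3", "Server2", "remote", "root", "root"),
    ("VULN-4", "host1", "remote", "user", "user"),
    ("VULN-5", "host1", "local", "user", "root"),
]

def usable(vuln, state):
    """True if the precondition holds and the step would raise privilege."""
    _, host, kind, need, gain = vuln
    if PRIV[gain] <= state.get(host, 0):
        return False  # no escalation, so the step adds nothing to a path
    if kind == "local":
        return state.get(host, 0) >= PRIV[need]
    return any(host in dsts and state.get(src, 0) >= PRIV[need]
               for src, dsts in REACH.items())

def mine_paths(state, goal, path=()):
    """Depth-first enumeration of sequences reaching goal=(host, privilege)."""
    if state.get(goal[0], 0) >= PRIV[goal[1]]:
        yield path
        return
    for vuln in VULNS:
        if usable(vuln, state):
            nxt = dict(state, **{vuln[1]: PRIV[vuln[4]]})
            yield from mine_paths(nxt, goal, path + (vuln[0],))

def minimal_sets(paths):
    """Drop orderings and any path that contains a smaller successful one."""
    sets = {frozenset(p) for p in paths}
    return {s for s in sets if not any(t < s for t in sets)}

def repair_ranking(start, goal):
    """Rank vulnerabilities by how many minimal paths depend on them."""
    counts = Counter(v for s in minimal_sets(mine_paths(start, goal)) for v in s)
    return counts.most_common()

START = {"internet": PRIV["root"]}  # assumed: attacker starts outside the LAN
RANKING = repair_ranking(START, ("Server2", "root"))
```

Vulnerabilities that appear on every minimal path are choke points: repairing any one of them removes all mined routes to the goal.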

Description

Technical field

[0001] The invention relates to a network system active defense method based on vulnerability correlation, which belongs to the technical field of information security.

Background technique

[0002] The biggest threat to the network system is computer security loopholes. Security loopholes will exist in all aspects of software and hardware, including system design and implementation, operation management, improper user operations or system failures. No network system can completely eliminate loopholes. Therefore, research on vulnerabilities should not only focus on the characteristics of known vulnerabilities, but also pay attention to the correlation between vulnerabilities. Practice has shown that there are often connections between vulnerabilities. Isolated vulnerabilities may not bring fatal blows to the system, but if network hackers use their connections with each other to launch secondary or even multi-level attacks, it will bring serious damage to the...


Application Information

IPC(8): H04L29/06
Inventor: 邹文泽张皓张欣
Owner: BEIJING INSTITUTE OF TECHNOLOGY